Search results

1 – 2 of 2
Per page
102050
Citations:
Loading...
Access Restricted. View access options
Article
Publication date: 14 November 2016

Eli Rohn, Gilad Sabari and Guy Leshem

This study aims to investigate information technology security practices of very small enterprises.

643

Abstract

Purpose

This study aims to investigate information technology security practices of very small enterprises.

Design/methodology/approach

The authors perform a formal information security field study using a representative sample. Using the Control Objectives for IT (COBIT) framework, the authors evaluate 67 information security controls and perform 206 related tests. The authors state six hypotheses about the findings and accept or reject those using inferential statistics. The authors explain findings using the social comparison theory and the rare events bias theory.

Findings

Only one-third of all the controls examined were designed properly and operated as expected. About half of the controls were either ill-designed or did not operate as intended. The social comparison theory and the rare events bias theory explain managers’s reliance on small experience samples which in turn leads to erroneous comprehension of their business environment, which relates to information security.

Practical implications

This information is valuable to executive branch policy makers striving to reduce information security vulnerability on local and national levels and small business organizations providing information and advice to their members.

Originality/value

Information security surveys are usually over-optimistic and avoid self-incrimination, yielding results that are less accurate than field work. To obtain grounded facts, the authors used the field research approach to gather qualitative and quantitative data by physically visiting active organizations, interviewing managers and staff, observing processes and reviewing written materials such as policies, procedure and logs, in accordance to common practices of security audits.

Details

Information & Computer Security, vol. 24 no. 5
Type: Research Article
ISSN: 2056-4961

Keywords

Access Restricted. View access options
Article
Publication date: 11 November 2013

Philip Baron

Much information is hidden from consumers including social and environmental violations, poor labour practices and unethical economic activities. This paper aims to present a…

1674

Abstract

Purpose

Much information is hidden from consumers including social and environmental violations, poor labour practices and unethical economic activities. This paper aims to present a model for both consumers and corporations that can assist in empowering consumers when making purchasing decisions by bringing the behind the scenes information to the buyer. A responsibility rating is provided at each step in the production chain.

Design/methodology/approach

The paper provides an argument with research findings of how consumers are linked to their purchases, and how these purchases contribute to the current manufacturing cycle and perpetuation of land and labour abuses.

Findings

Consumers can influence the product lifecycle of their chosen products. The model provides a mechanism for consumers to purchase items that are in keeping with their worldview. A certifiable standard for corporations is presented.

Practical implications

Consumers are provided with a system that they can immediately obtain the responsibility ratings of any of their chosen products in real-time. Companies with low responsibility ratings lose out in their sales revenue and are thus motivated to change their production methods. Companies would compete in an atmosphere of total disclosure regarding social and environmental matters giving rise to a new ethic of consumerism.

Originality/value

A new form of consumerism is uncovered, one that takes the recursive nature of consumer actions into account.

Details

Kybernetes, vol. 42 no. 9/10
Type: Research Article
ISSN: 0368-492X

Keywords

1 – 2 of 2
Per page
102050